def run(dry_run):
settings = queries.get_app_interface_settings()
gqlapi = gql.get_api()
github = init_github()
secret_reader = SecretReader(settings=settings)
# Reconcile against all sentry instances
instances = gqlapi.query(SENTRY_INSTANCES_QUERY)["instances"]
tokens = {
i["name"]: secret_reader.read(i["automationToken"])
for i in instances
}
skip_users = {
i["name"]: secret_reader.read(i["adminUser"])
for i in instances
}
for instance in instances:
instance_name = instance["name"]
token = tokens[instance_name]
host = instance["consoleUrl"]
sentry_client = SentryClient(host, token)
skip_user = skip_users[instance_name]
current_state = fetch_current_state(sentry_client, [skip_user])
desired_state = fetch_desired_state(gqlapi, instance, github)
reconciler = SentryReconciler(sentry_client, dry_run)
reconciler.reconcile(current_state, desired_state)
def lookup_github_file_content(repo, path, ref, tvars=None):
if tvars is not None:
repo = process_jinja2_template(repo, vars=tvars)
path = process_jinja2_template(path, vars=tvars)
ref = process_jinja2_template(ref, vars=tvars)
gh = init_github()
c = gh.get_repo(repo).get_contents(path, ref).decoded_content
return c.decode("utf-8")
def validate_users_github(users, thread_pool_size):
ok = True
g = init_github()
results = threaded.run(get_github_user, users, thread_pool_size, github=g)
for org_username, gb_username, gh_login in results:
if gb_username != gh_login:
logging.error(
"Github username is case sensitive in OSD. "
f"User {org_username} github_username should be: {gh_login}.")
ok = False
return ok
def validate_users_github(users, thread_pool_size):
ok = True
g = init_github()
results = threaded.run(get_github_user, users, thread_pool_size, github=g)
for org_username, gb_username, gh_login in results:
if gb_username != gh_login:
logging.error("Github username is case sensitive in OSD. "
f"User {org_username} is expecting to have "
f"the github username of {gh_login}, "
f"but the username specified in "
f"app-interface is {gb_username}")
ok = False
return ok
def get_all_repos_to_scan(repos):
logging.info("getting full list of repos")
all_repos = []
all_repos.extend([strip_repo_url(r) for r in repos])
g = init_github()
for r in repos:
logging.debug("getting forks: {}".format(r))
repo_name = r.replace("https://github.com/", "")
try:
repo = g.get_repo(repo_name)
forks = repo.get_forks()
all_repos.extend([strip_repo_url(f.clone_url) for f in forks])
except UnknownObjectException:
logging.error("not found {}".format(r))
return all_repos
def run(dry_run):
settings = queries.get_app_interface_settings()
gqlapi = gql.get_api()
github = init_github()
secret_reader = SecretReader(settings=settings)
# Reconcile against all sentry instances
result = gqlapi.query(SENTRY_INSTANCES_QUERY)
for instance in result['instances']:
token = secret_reader.read(instance['automationToken'])
host = instance['consoleUrl']
sentry_client = SentryClient(host, token)
skip_user = secret_reader.read(instance['adminUser'])
current_state = fetch_current_state(sentry_client, [skip_user])
desired_state = fetch_desired_state(gqlapi, instance, github)
reconciler = SentryReconciler(sentry_client, dry_run)
reconciler.reconcile(current_state, desired_state)
